The present disclosure relates generally to the field of digital data processing in integrated and centralized software applications, and particularly relates to a method for processing data containing information which is subject to handling and/or access restrictions under legal regulations or organizational policies.
Many countries have data privacy laws forbidding to process and to store persistently a certain kind of data outside the respective country. For example, German data privacy act makes transfer and processing of data containing personal information of a natural person as, for example personal address data, birthday, outside of the European Union/European Economic Area (EU/EEA) region subject to explicit consent of the respective person. This requirement often constitutes a major hurdle for the implementation of a “Globally Integrated Enterprise” (GIE) strategy, characterized by an integration of regional business processes into global processes presupposing that globally distributed data can be processed without any restrictions. Typical Globally Integrated Enterprise strategy includes consolidation of regional business processes and data into global business processes as an important and principal element. Data and process consolidation, however, heavily benefits from consolidation and integration of the underlying information processing infrastructure. Therefore, in practice there is a tendency to deploy single global instances of business applications. As a consequence, several approaches have been developed for making these systems and data processing methods compliant with access, transfer and handling restrictions.